How to set up encryption of the passwords in Talend Studio

Overview

Whether from a company or from an individual, passwords are always critical assets that should not be shared. You may ask for a way to hide the passwords in Talend Studio so that the passwords are not exposed to others. This article shows how to setup encryption of the passwords with ROT13 algorithm.

Environment

This procedure was written with:

Talend Open Studio for Data Integration 5.2.0 r92826.

JDK version: Sun JDK build 1.6.0_26-b03

Operating system: Windows XP SP3

Mysql 5.0.67-community-nt

Talend verified this procedure to be compatible with all versions of Talend Studio.

Procedure

Encrypt the password with ROT13 algorithm

This example uses the ROT13 algorithm to encrypt the password. For more information on how to transform your real password to an encryption string, refer to the ROT13 Wikipedia article. For example, the password for a MySQL connection could be "talend", which can be transformed to "gnyraq" with the ROT13 algorithm.

Create a custom routine

In Talend Studio, open the Repository view.

Expand the Code node.

Right-click Routines to create a new routine named "MyRoutine" (for example).

Add a new function named "decrypt" that will use the decryption mechanism of the ROT13 algorithm to decrypt the encryption string of the password. The code of the function is below:

Create a demo Job

Create a new Job and name it EncryptPasswordWithR0T13Demo. This Job uses a tMysqlInput to read data from a table called person from the database (it can be configured to read data from any a table) and print the result on the console with a tLogRow component. The Job design is as follows:

Open the Contexts view, create a String type variable, and name it password.

Click the Values as table tab, and set the password variable's default value to be the encryption string that you got when you transformed the real password with the ROT13 algorithm, in this case, it is "gnyraq".

In the Basic settings panel of tMysqlInput_1, configure the Password parameter by calling the custom routine function MyRoutine.decrypt(context.password).

The demo Job and custom routine are also available in the EncryptPasswordWithROT13Demo.zip file attached to this article.

Execute the Job to check the DB connection

Execute the Job to check whether it is able to connect to the database and read data from it. If the Job runs fine and has result printed on the console, that means the DB parameters are configured well in tMysqlInput_1, otherwise the Job will die and throw the exception below: